Simple question, but I couldn´t find exactly what I needed on the KB:
The LAN has over 70 cpus in workgroup environment. To make things worse, we don´t have any corporate antivirus solution, we just install regular AV´s on each machine and hope for the best. Anyway, my question is:
To keep mass-mailing viruses at bay, and trying not get ourselves listed at CBL, I would like to block smtp traffic from getting out of the network, with the exception of the mail servers of course. Providing internet access, we have a SUSE/Squid/iptables server.
I would like to know what do I have to add to the iptables configuration file to allow smtp access only to two (or more) ip addresses and block all the rest (LAN only).
2 MTA´s (10.0.0.2 and 10.0.0.3)
LAN (10.0.0.50-255 MASK 255.240.0.0)
Linux (10.0.0.5 squid iptables - not transparent)